Hi Michael,
Current implementation doesn't do the client authentication. The implementation
is very basic (done using (out-of-date!!) examples provided with OpenSSL
library distribution). If you need client authentication you should implement
it. Look for more examples in OpenSSL and its mail archives on how to do that
(I did not try).
wwwlib-SSL module's purpose is to provide a hook to SSL and the concrete SSL
functionality is up to the programmer. Not everyone would want the client
authentication for example...
Olga.
On 20-Aug-99 Sierchio, Michael wrote:
> Forgive the naive and possibly redundant question, but
> do you support client certs and two-way auth?
>
> Thanks,
>
> M. Sierchio
>
>> -----Original Message-----
>> From: Olga Antropova [mailto:olga@goliath.eai.com]
>> Sent: Friday, August 13, 1999 12:17 PM
>> To: yajun_liu@peoplesoft.com
>> Cc: www-lib@w3.org
>> Subject: RE: libwww-SSL
>>
>>
>> Yajun,
>>
>> Explicit call to SSL_connect is not necessary. If the
>> connection state is set
>> like in HTSSL_connectSetup:
>>
>> SSL_set_connect_state(htssl->ssl);
>>
>> then call to SSL_read or SSL_write will trigger the handshake.
>>
>> You can modify your local copy of HTSSL_connectSetup to do:
>>
>> SSL_set_fd(htssl->ssl, sd);
>> SSL_connect(htssl->ssl);
>>
>> Olga.
>>
>> On 13-Aug-99 yajun_liu@peoplesoft.com wrote:
>> >
>> > Hi there,
>> >
>> > I could not figure out how the handshake takes place in
>> libwww-SSL library.
>> > The function SSL_connect does never got called. Any hints?
>> >
>> > --Yajun
>>